Summary and resources
Once you have implemented an identity solution in Azure, you have to monitor it. There are several tools from Microsoft Sentinel to log files to support your organization in this process.
Now that you've reviewed this module, you should be able to:
- Analyze and investigate sign-in logs to troubleshoot access issues.
- Review and monitor Microsoft Entra audit logs.
- Enable and integrate Microsoft Entra diagnostic logs with Log Analytics / Microsoft Sentinel.
- Export sign-in and audit logs to a third-party SIEM tool.
- Review Microsoft Entra activity by using Log Analytics / Microsoft Sentinel, excluding KQL use.
- Analyze Microsoft Entra workbooks/reporting.
- Monitor security posture with identity secure score.
- Configure notifications.
In this module, you learned how to monitor and maintain your Microsoft Entra ID through analyzing logs of all types.
To go deeper, have a look at these articles:
- What is Microsoft Sentinel
- Microsoft Sentinel data connectors
- Kusto Query Language in Microsoft Sentinel
- Identity secure score in Microsoft Entra ID